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Qualys Unified IT-loT-OT Visibility, 
Analytics and Control Solutions 


Agentless| Agent | Passive | API 


Why Visibility? 


Digital Transformation drives Endpoint Explosion 


loT/IOT 
Cloud and SaaS 
Mobile Devices 
Virtualization 
BYOD 


Digital Transformation 


Source: 2018 SANS Survey 
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Challenges with IT Asset Management 


POINT NO BUSINESS 


fe) Qualys 


Agentless vs Agent-based 


Agentless 


Agent-based 


Device Fingerprinting 
Data Flows 

Application Visibility 
Vulnerability for 
unmanaged, ICS 

Suitable for unmanaged 
devices 


Deep-device, software 
visibility, user info 
Vulnerability Detection 
Policy Compliance 
Threat Quantification 
Suitable for Managed 
Devices 


Both are critical and have a role to play 


Introducing 


Qualys Asset Inventory 


Real-time Inventory 


Source of truth for IT and Security 
teams 


Structured and complete context 
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Benefits 


2-second Visibility 


Business contextual Inventory 


Uniform, accurate information 


IT Cost reduction 


How is it done? 
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Physical Scanner Cloud Agent OS/HW/SW EoL/EoS 


Virtual Scanner Passive Sensor Mfg./owner/product License type 


Cloud Scanner API Market version Vulnerability/PC 


Qualys Sensors Asset Inventory in Qualys Cloud 
Scalable, Self-updating & Centrally Managed Categorization, Normalization, Enrichment 


Use case 1: Global IT Visibility 


Managed, unmanaged, campus/branch/DC and cloud assets 


Inventory every hardware and 
software 


Gane 


Real-time and contextual info H Use Case Benefits 
Ill te blind t 
Manufacturer/Publisher/oroduct/vendor sean e plind pot 
Si rioritize security programs 
IP address/MAC address Control financial risk with 
Major version/version order/service unlicensed software 
pack/market version Rationalize multiple 
. “ products/versions 

Risk/vulnerability Share context with ITAM tools 


Policy compliance 


Use case 2: Software Inventory with Rich Context 
Databases, Applications and Security software agents 


Real-time inventory of 
managed/unmanaged databases Use Case Benefits 


EoL/EOS status of the software e Control financial risk with 


unlicensed software 


Rationalize multiple 


Market version, multiple version for products/versions 
softwa re e Prioritize security programs 


Report to drive VM programs 


Use case 3: Endpoint Devices Visibility 


Managed and Unmanaged devices 


Automatically discover devices as 
they enter the network 


Get detailed context on 
Devices already connected 
New devices connecting 
Guest/Employee network monitoring 
Real-time traffic monitoring 
User information 
Internet traffic monitoring* 


* In future release 


Use Case Benefits 


Devices with Context data 
Monitoring Unauthorized 

devices 

Actionable intelligence for 
follow up 


Case Study: Large Bank uses 
Qualys Al to help Stay 
Compliant 


Customer challenge: 
Monitor unauthorized software 
Find DB versions, EoL/EOS status, market 
version discrepancies 


How do they use it? 
Dashboards to gain global visibility of 
unauthorized software 
Asset category based search to isolate 
databases 
Context information to find versions, EoL/EoS 
status, market version discrepancies 


Case Study: Large Accounting 
Firm uses Qualys Al for Unified 
Inventory 


Customer challenge: 


Unified global inventory 
Prioritize security needs 
Service Desk optimization 


How do they use it? 


o Dashboards to gain global visibility 

o Asset category based prioritization to 
drive remediation 

o CMDB integration with ServiceNow to 
drive accurate asset in CMDB 


Case Study: Global Technology 
Leader uses Qualys Al to 
determine Unmanaged devices 


Customer challenge: 


Global asset inventory 
Unmanaged devices 


How do they use it? 
o Dashboards to gain global visibility of 
hardware and software 
o Unmanaged devices total to identify all 
dashboards 
o Traffic information from these devices to 
understand threats and prioritize actions 
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Complete and 


clean data to your 
CMDB 


Certified ServiceNow App Syncs 
asset data in both directions. 
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Self-Service 


Qualys App for ServiceNow CMDB 
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Product Catalog 
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Servicenow to Qualys 


Servicenow to Qualys Sync 


Qualys Asset Tag 


Table 


ServiceNow 
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Computer [cmdb_ci_compute: 


Query Add Filter Condition 


Add "OR" Clause 


All of these conditions must be mei 


IP Address 


Fully qualified domain name 


Dae 


Qualys sensors for complete, detailed asset telemetry 
Structuring your inventory (normalization and taxonomy) 
Enriching your inventory (e.g. lifecycle) 

Blind spots? (showcase passive discovery) 


Passive Network Sensor 
(Beta) 


Discovery & Profiling 


Identify and profile devices as 
soon as they connect to the 
network 


Continuously enrich existing 
inventory 


Extends discovery, for sensitive 
systems 


Multi-function Passive Sensor 


CE uns 


First Phase (Q2/Q3-2019) Future use cases 


IT asset discovery and profiling 


Highlight asset relationship 
Application recognition and usage 


Traffic anomaly & Network IOC 


Smart whitelisting (policies within 
Next (Q4/Q1-2019/20) Secure Access Control) 
Asset discovery and profiling 
SCADA 
Medical Devices 
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Secure Access Control 


Use Cases 


Grant access to resources only ona 
need basis 


Automated asset attribute processing 
and enforcement 


Limit /Block access (e.g. quarantine) of 
vulnerable assets or assets out of 
compliance 


Use Cases 


= Asset Inventory - Access control using asset inventory attributes 
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Unmanaged Assets 


Use Cases 


@ Vulnerabilities - Quarantine assets if vulnerable 


Vulnerability Found 


Local Data Center LDC-01 


Quarantine 


DNS Active 
Server Directory 
Enterprise 


Remote Data Center RDC-01 


Remote Office 


https://*.windowsupdate.microsoft.co 
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Use Cases 


<i Compliance - Block assets which fail compliance 


© | Controls Block 
æ Compliance Mandates 


Control Policies 
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File Integrity eter incidents 
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Secure Access Control 


Next Phase (1H’20) 


° Public API 
e PC and loC as data source 


Future use cases 


Patch integration 


First Phase (Q4’19/Q1’20) 


e Policies using attributes of VM, Al, Policy Simulation 
Asset Tags Quarantine Notification pop-up 
e Enforcement Block, Assign VLAN/ACL SEM Integration 
° — |n-line/Out-of-band hybrid operating 
modes 
e Enforcement on SAC appliance or 
switches 
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